VPLS Topology-Single PE or Direct Attachment
The single PE or direct attachment architecture uses a flat architecture and supports Ethernet port, 802.1Q VLAN, and dot1q tunnel modes. The CEs are directly connected to the PE routers, and this architecture involves the creation of a separate VSI for each customer. Customer traffic originating from the CE in native Ethernet or VLAN tagged frames are MPLS encapsulated with an AToM stack. Direct attachment VPLS also uses a full mesh of directed LDP and tunnel LSPs between all the PE routers. Although this creates signaling overhead, the real detriment to large-scale deployment is the packet replication requirements for each provisioned VC on a PE router. Due to scalability constraints, this solution is suitable only for simple implementations. Figure 12-6 shows a direct attachment VPLS architecture providing VPLS services to Customers A and B.
Figure 12-6. Direct Attachment VPLS Network
Customer A's network has CE routers CE1-A, CE2-A, and CE3-A connected to PEs PE1, PE2, and PE3, respectively. Links to CE1-A, CE2-A, and CE3-A are configured as switch access ports on PE1, PE2, and PE3. Customer B's CE devices, CE1-B, CE2-B, and CE3-B, are configured as 802.1Q trunk ports to PE1, PE2, and PE3, respectively. Figure 12-7 shows the data forwarding that takes place in a direct attachment VPLS architecture using port and 802.1Q modes.
Figure 12-7. VPLS Data Forwarding in Port and 802.1Q Mode
Configuration Flowchart for Direct Attachment VPLS
To achieve a functional VPLS network, there are two important steps. The first step is to ensure that the SP's network comprising PE1, PE2, and PE3 is enabled for MPLS forwarding. Example 12-1 shows the provider network configurations for PE1, PE2, and PE3. Throughout this chapter, you will use these as provider network configurations.
Example 12-1. Provider Network Configuration for MPLS Forwarding
!PE1 hostname PE1 ! mpls label protocol ldp mpls ldp discovery targeted-hello accept mpls ldp router-id Loopback0 force ! interface Loopback0 ip address 10.10.10.101 255.255.255.255 ! interface GE-WAN3/1 description connected to PE2 ip address 10.10.10.1 255.255.255.252 negotiation auto mpls ip mls qos trust dscp ! interface GE-WAN3/2 description connected to PE3 ip address 10.10.10.5 255.255.255.252 negotiation auto mpls ip mls qos trust dscp ! router ospf 1 network 10.0.0.0 0.255.255.255 area 0 ______________________________________________________________________ !PE2 hostname PE2 ! mpls label protocol ldp mpls ldp discovery targeted-hello accept mpls ldp router-id Loopback0 force ! interface Loopback0 ip address 10.10.10.102 255.255.255.255 ! interface GE-WAN3/1 description connected to PE1 ip address 10.10.10.2 255.255.255.252 negotiation auto mpls ip mls qos trust dscp ! interface GE-WAN3/2 description connected to PE3 ip address 10.10.10.9 255.255.255.252 negotiation auto mpls ip mls qos trust dscp ! router ospf 1 network 10.0.0.0 0.255.255.255 area 0 ______________________________________________________________________ !PE3 hostname PE3 ! mpls label protocol ldp mpls ldp router-id Loopback0 ! interface Loopback0 ip address 10.10.10.103 255.255.255.255 ! interface GE-WAN3/1 description connected to PE2 ip address 10.10.10.10 255.255.255.252 negotiation auto mpls ip mls qos trust dscp ! interface GE-WAN3/2 description connected to PE1 ip address 10.10.10.6 255.255.255.252 negotiation auto mpls ip mls qos trust dscp ! router ospf 1 network 10.0.0.0 0.255.255.255 area 0
The second step is to configure the VPLS service, and Figure 12-8 illustrates the configuration flowchart on the PE router to provision Ethernet port mode, Ethernet 802.1Q VLAN, and Ethernet dot1Q tunnel mode.
Figure 12-8. VPLS Service Configuration Flowchart on PE Router
Direct Attachment VPLS Configuration Scenario 1 – Using Port and 802.1Q VLAN Modes
The objective of this configuration scenario is to demonstrate VPLS network using port and 802.1Q VLAN mode. As shown in Figure 12-7, Customer A VPLS network uses port mode and Customer B VPLS network uses 802.1Q VLAN mode.
Table 12-1 shows the MAC address associated with CE routers.
|
Router |
MAC Address |
|---|---|
|
Customer A |
|
|
CE1-A |
0012.d9bd.b600 |
|
CE2-A |
0012.8034.6980 |
|
CE3-A |
0012.d9e7.ace0 |
|
Customer B |
|
|
CE1-B |
0012.80f3.2ce0 |
|
CE2-B |
0012.d9e7.b520 |
|
CE3-B |
0012.d9bd.b640 |
The steps to configure the topology shown in Figure 12-6 are as follows:
|
Step 1. |
Configure the interface connected to CE device – In this step, you configure the interfaces on the PE router connected to the CE routers for Customer A as an access port (untagged)and Customer B as an 802.1Q trunk port (tagged). See Example 12-2. Example 12-2. Configure the Two Interfaces Connected to CE Device PE1(config)#vlan 100 PE1(config-vlan)#state active PE1(config-vlan)#vlan 200 PE1(config-vlan)#state active PE1(config)#interface fastEthernet 4/1 PE1(config-if)#description VPLS Customer A (CE1-A) PE1(config-if)#switchport PE1(config-if)#switchport access vlan 100 PE1(config-if)#switchport mode access PE1(config-if)#interface FastEthernet4/2 PE1(config-if)#description VPLS Customer B (CE1-B) PE1(config-if)#switchport PE1(config-if)#switchport trunk encapsulation dot1q PE1(config-if)#switchport trunk allowed vlan 200 PE1(config-if)#switchport mode trunk |
|
Step 2. |
Define the VFI and bind it to the interface connected to the CE – In this step, the VFI is configured. After defining the VFI, it is associated to one or more attachment circuits (interfaces, subinterfaces, or virtual circuits). The VFI specifies the VPN ID of a VPLS domain, the addresses of other PE routers in this domain, and the type of tunnel signaling and encapsulation (currently only MPLS is supported) mechanism for each peer. |
An MPLS VPN ID is used to identify VPNs by a VPN identification number, as described in RFC 2685. This MPLS VPN ID is implemented to identify a VPN. The MPLS VPN ID feature does not control the distribution of routing information or associate IP addresses with MPLS VPN ID numbers in routing updates. Multiple VPNs can be configured in a router. You can use a VPN name (a unique ASCII string) to reference a specific VPN configured in the router. Alternately, you can use a VPN ID to identify a particular VPN in the router. The VPN ID follows a standard specification (RFC 2685). To ensure that the VPN has a consistent VPN ID, assign the same VPN ID to all the routers in the SP network that services that VPN. Each VPN ID defined by RFC 2685 consists of the following two elements:
- Organizational unique identifier (OUI) – A three-octet hex number that is assigned by the IEEE Registration Authority to any company that manufactures components under the ISO/IEC 8802 standard. The OUI generates universal LAN MAC addresses and protocol identifiers for use in LAN and MAN applications. For example, an OUI for Cisco Systems is 00-03-6B (hex).
- VPN index – A four-octet hexadecimal number, which identifies the VPN within the company. Use the vpn id command and specify the VPN ID in the following format:
vpn id oui:vpn-index
A colon separates the OUI from the VPN index.
Example 12-3 shows the steps to configure VFI and associate it to the attachment circuit.
Example 12-3. Step 3: Define the VFI and Associate It to the Attachment Circuit
PE1(config)#l2 vfi Cust_A manual PE1(config-vfi)# vpn id 100 PE1(config-vfi)# neighbor 10.10.10.102 encapsulation mpls PE1(config-vfi)# neighbor 10.10.10.103 encapsulation mpls PE1(config-vfi)#l2 vfi Cust_B manual PE1(config-vfi)#vpn id 200 PE1(config-vfi)#neighbor 10.10.10.102 encapsulation mpls PE1(config-vfi)#neighbor 10.10.10.103 encapsulation mpls PE1(config)#interface vlan 100 PE1(config-if)#xconnect vfi Cust_A PE1(config-if)#interface vlan 200 PE1(config-if)#xconnect vfi Cust_B
Verification of VPLS Connectivity
To verify VPLS connectivity, follow these steps:
|
Step 1. |
Ensure that directed LDP session is operational – Example 12-4 shows the output of the show mpls l2transport vc command. The output indicates the pseudo wire is functional for transporting Layer 2 packets across the MPLS backbone. Example 12-4. Output of show mpls l2transport vc on PE1 PE1#show mpls l2transport vc Local intf Local circuit Dest address VC ID Status ------------- -------------------- --------------- ---------- ---------- VFI Cust_A VFI 10.10.10.102 100 UP VFI Cust_B VFI 10.10.10.102 200 UP VFI Cust_A VFI 10.10.10.103 100 UP VFI Cust_B VFI 10.10.10.103 200 UP |
|
Step 2. |
Verify MPLS and VC label – Example 12-5 shows the output of show mpls l2transport vc vc-number detail where the VC ID is 100, and the directed LDP peer is 10.10.10.102 and 10.10.10.103. The VC label on PE1 for the outgoing interface on PE2 connected to CE2-A is 21, and it allocates VC Label 21 for the interface connected to CE1-A. With the directed LDP peer 10.10.10.103, the VC label on PE1 for the outgoing interface on PE2 connected to CE3-A is 17, and it allocates VC Label 22 for the interface connected to CE1-A. Example 12-5. show mpls l2transport vc on PE1
PE1#show mpls l2transport vc 100 detail
Local interface: VFI Cust_A up
Destination address: 10.10.10.102, VC ID: 100, VC status: up
Tunnel label: imp-null, next hop 10.10.10.2
Output interface: GE3/1, imposed label stack {21}
Create time: 10:13:08, last status change time: 10:06:25
Signaling protocol: LDP, peer 10.10.10.102:0 up
MPLS VC labels: local 21, remote 21
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description:
Sequencing: receive disabled, send disabled
VC statistics:
packet totals: receive 973, send 971
byte totals: receive 77383, send 77244
packet drops: receive 0, send 0
Local interface: VFI Cust_A up
Destination address: 10.10.10.103, VC ID: 100, VC status: up
Tunnel label: imp-null, next hop 10.10.10.6
Output interface: GE3/2, imposed label stack {17}
Create time: 10:13:09, last status change time: 10:06:45
Signaling protocol: LDP, peer 10.10.10.103:0 up
MPLS VC labels: local 22, remote 17
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description:
Sequencing: receive disabled, send disabled
VC statistics:
packet totals: receive 90, send 977
byte totals: receive 8560, send 77712
packet drops: receive 0, send 0
|
In Example 12-6, show mpls l2transport summary shows the total number of the VCs that are active.
Example 12-6. Output of show mpls l2 summary on PE3
PE1#show mpls l2transport summary Destination address: 10.10.10.102, total number of vc: 2 0 unknown, 2 up, 0 down, 0 admin down 2 active vc on MPLS interface GE3/1 Destination address: 10.10.10.103, total number of vc: 2 0 unknown, 2 up, 0 down, 0 admin down 2 active vc on MPLS interface GE3/2
In Example 12-7, show vfi shows the remote PE neighbors to which the pseudo wires are configured. The command will show the neighbors even if the pseudo wire is down.
Example 12-7. Output of show vfi on PE1
PE1#show vfi Cust_A VFI name: Cust_A, state: up Local attachment circuits: Vlan100 Neighbors connected via pseudowires: 10.10.10.102 10.10.10.103
Example 12-8 shows the MAC addresses learned by PE Router PE1.
Example 12-8. Output of show mac-address-table vlan on PE1
PE1#show mac-address-table vlan 100 Legend: * - primary entry vlan mac address type learn ports ------+----------------+--------+-----+-------------------------- * 100 0012.d9e7.ace0 dynamic Yes * 100 0012.8034.6980 dynamic Yes * 100 0012.d9bd.b600 dynamic Yes Fa4/1 PE1#show mac-address-table vlan 200 Legend: * - primary entry vlan mac address type learn ports ------+----------------+--------+-----+-------------------------- * 200 0012.d9e7.b520 dynamic Yes * 200 0012.80f3.2ce0 dynamic Yes Fa4/2 * 200 0012.d9bd.b640 dynamic Yes
VPLS Configurations on PE Router
Example 12-9 shows the relevant VPLS configurations on PE Routers PE1, PE2, and PE3.
Example 12-9. VPLS Configurations on PE1, PE2, and PE3
!PE1 hostname PE1 ! l2 vfi Cust_A manual vpn id 100 neighbor 10.10.10.102 encapsulation mpls neighbor 10.10.10.103 encapsulation mpls ! l2 vfi Cust_B manual vpn id 200 neighbor 10.10.10.102 encapsulation mpls neighbor 10.10.10.103 encapsulation mpls ! interface FastEthernet4/1 description VPLS Customer A - CE1-A no ip address switchport switchport access vlan 100 switchport mode access ! interface FastEthernet4/2 description VPLS Customer B no ip address switchport switchport trunk encapsulation dot1q switchport trunk allowed vlan 200 switchport mode trunk ! interface Vlan100 no ip address xconnect vfi Cust_A ! interface Vlan200 no ip address xconnect vfi Cust_B ______________________________________________________________________ !PE2 hostname PE2 ! l2 vfi Cust_A manual vpn id 100 neighbor 10.10.10.101 encapsulation mpls neighbor 10.10.10.103 encapsulation mpls ! l2 vfi Cust_B manual vpn id 200 neighbor 10.10.10.101 encapsulation mpls neighbor 10.10.10.103 encapsulation mpls ! interface FastEthernet4/1 description VPLS Customer A no ip address switchport switchport access vlan 100 switchport mode access ! interface FastEthernet4/2 description VPLS Customer B no ip address switchport switchport trunk encapsulation dot1q switchport trunk allowed vlan 200 switchport mode trunk ! interface Vlan100 no ip address xconnect vfi Cust_A ! interface Vlan200 no ip address xconnect vfi Cust_B ______________________________________________________________________ !PE3 hostname PE3 ! l2 vfi Cust_A manual vpn id 100 neighbor 10.10.10.101 encapsulation mpls neighbor 10.10.10.102 encapsulation mpls ! l2 vfi Cust_B manual vpn id 200 neighbor 10.10.10.101 encapsulation mpls neighbor 10.10.10.102 encapsulation mpls ! interface FastEthernet2/1 description VPLS Customer A no ip address switchport switchport access vlan 100 switchport mode access ! interface FastEthernet2/2 description VPLS Customer B no ip address switchport switchport trunk encapsulation dot1q switchport trunk allowed vlan 200 switchport mode trunk ! interface Vlan100 no ip address xconnect vfi Cust_A ! interface Vlan200 no ip address xconnect vfi Cust_B
CE Router Configurations for Customer A and Customer B
Example 12-10 shows the configurations for Customer A's and Customer B's CE devices.
Example 12-10. CE Router Configurations
!CE1-A hostname CE1-A ! interface FastEthernet0/0 ip address 172.16.1.1 255.255.255.0 ______________________________________________________________________ !CE1-B hostname CE1-B ! interface FastEthernet0/0.200 encapsulation dot1Q 200 ip address 192.168.1.1 255.255.255.0 ______________________________________________________________________ !CE2-A hostname CE2-A ! interface FastEthernet0/0 ip address 172.16.1.2 255.255.255.0 ______________________________________________________________________ !CE2-B hostname CE2-B ! interface FastEthernet0/0.200 encapsulation dot1Q 200 ip address 192.168.1.2 255.255.255.0 ______________________________________________________________________ !CE3-A hostname CE3-A ! interface FastEthernet0/0 ip address 172.16.1.3 255.255.255.0 ______________________________________________________________________ !CE3-B hostname CE3-B ! interface FastEthernet0/0.200 encapsulation dot1Q 200 ip address 192.168.1.3 255.255.255.0
Direct Attachment VPLS Configuration Scenario 2 – Using Dot1q Tunnel Mode and Layer 2 Protocol Tunneling
Figure 12-9 shows a direct attachment VPLS network that is providing VPLS service to Customer A and B networks. The objective of this configuration scenario is to demonstrate dot1q tunnel mode configuration and the usage of Layer 2 tunnel protocol for CDP in Customer A's VPLS network. Customer B's VPLS network has Site 2 dual-homed to the SP network via user PE (u-PE23). Customer B network is used primarily to demonstrate how STP is tunneled and to prevent Layer 2 loops when a site has redundant links to the provider network. Figure 12-9 shows the VPLS topology used to demonstrate
- Layer 2 tunnel protocol for CDP and STP
- VPLS redundancy
Figure 12-9. Direct Attachment VPLS Using Dot1q Tunnel Mode and Layer 2 Protocol Tunneling
Prior to configuring this scenario, you will be introduced to the following basic concepts:
- Cisco 802.1Q tunneling (also called Cisco 802.1Q-in-Q) – 802.1Q tunneling enables SPs to use a single VLAN to securely transport most or all of a customer's VLANs across the MAN or WAN backbone. In 802.1Q tunneling, IOS adds an additional 802.1Q tag to customer traffic in the switch at the edge of the SP's network to keep each customer's VLAN traffic segregated and private. The tag, therefore, allows customer VLANs to be backhauled across a single SP VLAN through the use of a tunnel port that is assigned to each customer site. All of a single customer's VLANs that are configured in the tunnel port on the SP's WAN edge switch are aggregated and backhauled over a single VLAN.
Service providers, therefore, do not have to assign a unique VLAN ID number to each individual customer VLAN, which quickly consumes the 4094 VLAN space supported by Ethernet's 802.1Q technology. In this way, encapsulating multiple customer 802.1Q VLANs into a single SP 802.1Q VLAN affords SPs a scalable approach to offering Ethernet services.
- Dot1q tunnel mode – In the VPLS network when using the dot1q tunnel mode, the 802.1Q tag is not used because the provider's MPLS network is used as a transit network in which the tunnel label is used to transport data packets from ingress PE to egress PE. Therefore, the tunnel label replaces the 802.1Q tag when the Layer 2 switch interface is configured to use the dot1q tunnel mode. Example 12-11 shows the configuration to enable dot1q tunnel mode on a switch port interface.
Example 12-11. Dot1q Tunnel Mode Configuration
Router(config-if)#switchport mode dot1q-tunnel
- Layer 2 protocol tunneling – In VPLS networks, Layer 2 switch ports by default drop STP and VTP packets. To avoid this, Layer 2 protocol tunneling allows Layer 2 protocol data units (PDUs), like CDP, STP, and VTP, to be tunneled through a network. As shown in Figure 12-9, if Layer 2 protocol tunneling is not enabled, CE1-A will not see CE2-A and CE3-A as CDP neighbors. Example 12-12 shows the configuration to enable Layer 2 protocol tunneling for CDP on switch port interfaces.
Example 12-12. Configuring Layer 2 Protocol Tunneling
Router(config-if)#l2protocol-tunnel cdp
The steps to configure the topology shown in Figure 12-9 are as follows:
|
Step 1. |
Configure the switch port interface connected to CE device – In this step, you configure the interfaces on the PE router connected to the CE routers for Customer A in dotq tunnel mode (untagged). Also, enable the interface for Layer 2 protocol tunneling. Example 12-13 shows the configuration on PE1 for interface 4/1 connected to CE1-A. Similarly, enable dot1q tunnel mode and Layer 2 protocol tunneling for CDP on 4/1 and 2/1 on PE2 and PE3, respectively. Example 12-13. Configure the Layer 2 Interface Connected to CE Device PE1(config)#interface fastEthernet 4/1 PE1(config-if)#description VPLS Customer A (CE1-A) PE1(config-if)#switchport PE1(config-if)# switchport access vlan 100 PE1(config-if)#switchport mode dot1q-tunnel PE1(config-if)#l2protocol-tunnel cdp ______________________________________________________________________ PE2(config)#vlan 20 PE2(config-vlan)#state active PE2(config-vlan)#no spanning-tree vlan 20,200 PE2(config)#interface FastEthernet4/12 PE2(config-if)# switchport PE2(config-if)# switchport trunk encapsulation dot1q PE2(config-if)# switchport trunk native vlan 20 PE2(config-if)# switchport trunk allowed vlan 20,200 ______________________________________________________________________ PE3(config)#vlan 20 PE3(config-vlan)#state active PE3(config-vlan)#no spanning-tree vlan 20,200 PE3(config)#interface FastEthernet2/12 PE3(config-if)# switchport PE3(config-if)# switchport trunk encapsulation dot1q PE3(config-if)# switchport trunk native vlan 20 PE3(config-if)# switchport trunk allowed vlan 20,200 For Customer B, the configurations for switch interface 4/2 on PE1 and PE2 are the same as shown in the earlier section. However, CE2B is connected to u-PE23, and u-PE23 is dual-homed to the provider network at PE2 (4/12) and PE3 (2/12). The configuration on u-PE23 is shown in Example 12-14. Example 12-14. Configuration of u-PE23 u-PE23(config)#spanning-tree mode mst u-PE23(config)#spanning-tree mst configuration u-PE23(config-mst)# name instance1 u-PE23(config-mst)# revision 1 u-PE23(config-mst)# instance 1 vlan 200 u-PE23(config)#interface FastEthernet0/11 u-PE23(config-if)# description connected to n-PE3 u-PE23(config-if)# switchport trunk encapsulation dot1q u-PE23(config-if)# switchport trunk native vlan 20 u-PE23(config-if)# switchport trunk allowed vlan 20,200 u-PE23(config-if)# switchport mode trunk u-PE23(config-if)#interface FastEthernet0/12 u-PE23(config-if)# description connected to n-PE2 u-PE23(config-if)# switchport trunk encapsulation dot1q u-PE23(config-if)# switchport trunk native vlan 20 u-PE23(config-if)# switchport trunk allowed vlan 20,200 u-PE23(config-if)# switchport mode trunk u-PE23(config-if)#interface FastEthernet0/2 u-PE23(config-if)# description connected to CE2-B u-PE23(config-if)# switchport trunk encapsulation dot1q u-PE23(config-if)# switchport trunk allowed vlan 200 u-PE23(config-if)# switchport mode trunk |
|
Step 2. |
Define the VFI and bind it to the interface connected to the CE – For Customer A and Customer B, the VFI configuration step is similar to section "Direct Attachment VPLS Configuration Scenario 1 – Using Port and 802.1Q VLAN Modes." Because the u-PE23 router multihomes with PE2 and PE3, spanning tree needs to be configured on the u-PE23 for pseudo wires that exist between the u-PE23 and PE2 and u-PE23 and PE3 routers, respectively. It is optional to configure spanning tree on PE Routers PE2 and PE3. In this case, PE2 and PE3 routers do not process BPDUs and only forward or relay them. Assuming spanning tree is configured on PE2 and PE3, they exchange and process BPDUs with each other and with u-PE23. To make PE2 and PE3 relay BPDUs an additional VFI, STP is configured to relay the BPDUs for MST instance configured on u-PE23. Example 12-15 shows the steps to configure VFI and associate it to the attachment circuit (in this case, native VLAN 20). Example 12-15. Define the VFI and Associate It to the Attachment Circuit PE2(config)#l2 vfi STP manual PE2(config-vfi)# vpn id 20 PE2(config-vfi)# neighbor 10.10.10.103 encapsulation mpls PE2(config)#interface vlan 20 PE2(config-if)#xconnect vfi STP ______________________________________________________________________ PE3(config)#l2 vfi STP manual PE3(config-vfi)#vpn id 20 PE3(config-vfi)#neighbor 10.10.10.102 encapsulation mpls PE3(config)#interface vlan 20 PE3(config-if)#xconnect vfi STP |
Verify Layer 2 Protocol Tunneling for CDP and MSTP
To verify Layer 2 protocol tunneling for CDP and MSTP, follow these steps:
|
Step 1. |
Verify Layer 2 protocol tunneling – Example 12-16 provides the status of Layer 2 protocol tunneling on PE Routers PE2 and PE3. It also shows that Layer 2 protocols, CDP and STP, are being tunneled. Example 12-16. Verify Layer 2 Protocol Tunneling PE2#show l2protocol-tunnel summary COS for Encapsulated Packets: 5 Drop Threshold for Encapsulated Packets: 0 Port Protocol Shutdown Drop Status Threshold Threshold (cdp/stp/vtp) (cdp/stp/vtp) ------- ----------- ---------------- ---------------- ---------- Fa4/1 cdp --- --- ----/----/---- ----/----/---- up Fa4/12 --- stp --- ----/----/---- ----/----/---- up ______________________________________________________________________ PE3#show l2protocol-tunnel summary COS for Encapsulated Packets: 5 Drop Threshold for Encapsulated Packets: 0 Port Protocol Shutdown Drop Status Threshold Threshold (cdp/stp/vtp) (cdp/stp/vtp) ------- ----------- ---------------- ---------------- ---------- Fa2/1 cdp --- --- ----/----/---- ----/----/---- up Fa2/12 --- stp --- ----/----/---- ----/----/---- up |
|
Step 2. |
Layer 2 protocol tunneling (CDP) – Example 12-17 shows the output of the show cdp neighbors command in which CE1-A sees CE2-A and CE3-A as CDP neighbors, and CE2-A sees CE1-A and CE3-A as CDP neighbors. Example 12-17. show cdp neighbor on CE1-A and CE2-A CE1-A#show cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater Device ID Local Intrfce Holdtme Capability Platform Port ID CE2-A Fas 0/0 132 R S 2611XM Fas 0/0 CE3-A Fas 0/0 170 R S 2621XM Fas 0/0 ______________________________________________________________________ CE2-A#show cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater Device ID Local Intrfce Holdtme Capability Platform Port ID CE3-A Fas 0/0 130 R S 2621XM Fas 0/0 CE1-A Fas 0/0 158 R S 2621XM Fas 0/0 |
|
Step 3. |
Verify spanning tree – Example 12-18 shows that fas0/11 on u-PE23 is in forwarding state, and fas0/12 is in blocking state. This shows that STP is being tunneled through and that the forwarding loop no longer exists. Example 12-18. show spanning-tree mst on u-PE23 u-PE23#show spanning-tree mst 1 ###### MST01 vlans mapped: 200 Bridge address 000b.fd2a.6b00 priority 32769 (32768 sysid 1) Root this switch for MST01 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/2 Desg FWD 200000 128.2 P2p Fa0/11 Desg FWD 200000 128.11 P2p Fa0/12 Back BLK 200000 128.12 P2p |
PE Configurations
Example 12-19 shows the configurations on the PE router.
Example 12-19. Configurations on PE Routers, PE1, PE2, PE3, and u-PE23
!PE1 hostname PE1 ! l2 vfi Cust_A manual vpn id 100 neighbor 10.10.10.102 encapsulation mpls neighbor 10.10.10.103 encapsulation mpls ! l2 vfi Cust_B manual vpn id 200 neighbor 10.10.10.102 encapsulation mpls neighbor 10.10.10.103 encapsulation mpls ! vlan internal allocation policy ascending vlan dot1q tag native ! ! interface Loopback0 ip address 10.10.10.101 255.255.255.255 ! interface FastEthernet4/1 description VPLS Customer A (CE1-A) no ip address switchport switchport access vlan 100 switchport mode dot1q-tunnel l2protocol-tunnel cdp no cdp enable spanning-tree bpdufilter enable ! interface FastEthernet4/2 description VPLS Customer B (CE1-B) no ip address switchport switchport trunk encapsulation dot1q switchport trunk allowed vlan 200 switchport mode trunk ! interface Vlan20 no ip address xconnect vfi STP interface Vlan100 no ip address xconnect vfi Cust_A ! interface Vlan200 no ip address no ip igmp snooping xconnect vfi Cust_B ______________________________________________________________________ !PE2 hostname PE2 ! l2 vfi Cust_A manual vpn id 100 neighbor 10.10.10.101 encapsulation mpls neighbor 10.10.10.103 encapsulation mpls ! l2 vfi Cust_B manual vpn id 200 neighbor 10.10.10.101 encapsulation mpls neighbor 10.10.10.103 encapsulation mpls ! l2 vfi STP manual vpn id 20 neighbor 10.10.10.103 encapsulation mpls ! interface FastEthernet4/1 description VPLS Customer A no ip address switchport switchport access vlan 100 switchport mode dot1q-tunnel l2protocol-tunnel cdp no cdp enable spanning-tree bpdufilter enable ! interface FastEthernet4/12 no ip address switchport switchport trunk encapsulation dot1q switchport trunk native vlan 20 switchport trunk allowed vlan 20,200 l2protocol-tunnel stp spanning-tree bpdufilter enable ! interface Vlan20 no ip address xconnect vfi STP ! interface Vlan100 no ip address xconnect vfi Cust_A ! interface Vlan200 no ip address no ip igmp snooping xconnect vfi Cust_B ______________________________________________________________________ !PE3 hostname PE3 ! l2 vfi Cust_A manual vpn id 100 neighbor 10.10.10.101 encapsulation mpls neighbor 10.10.10.102 encapsulation mpls ! l2 vfi Cust_B manual vpn id 200 neighbor 10.10.10.101 encapsulation mpls neighbor 10.10.10.102 encapsulation mpls ! l2 vfi STP manual vpn id 20 neighbor 10.10.10.102 encapsulation mpls ! interface FastEthernet2/1 description VPLS Customer A no ip address switchport switchport access vlan 100 switchport mode dot1q-tunnel l2protocol-tunnel cdp no cdp enable spanning-tree bpdufilter enable ! interface FastEthernet2/2 description VPLS Customer B no ip address switchport switchport trunk encapsulation dot1q switchport trunk allowed vlan 200 switchport mode trunk ! interface FastEthernet2/12 no ip address switchport switchport trunk encapsulation dot1q switchport trunk native vlan 20 switchport trunk allowed vlan 20,200 l2protocol-tunnel stp spanning-tree bpdufilter enable ! interface Vlan20 no ip address no ip igmp snooping xconnect vfi STP ! interface Vlan100 no ip address xconnect vfi Cust_A ! interface Vlan200 no ip address xconnect vfi Cust_B ______________________________________________________________________ !u-PE2 hostname u-PE2 ! ip subnet-zero ! vtp domain Cust_B vtp mode transparent ! spanning-tree mode mst spanning-tree extend system-id ! spanning-tree mst configuration name instance1 revision 1 instance 1 vlan 200 ! interface FastEthernet0/2 description connected to CE2-B switchport trunk encapsulation dot1q switchport trunk allowed vlan 200 switchport mode trunk spanning-tree bpdufilter enable ! interface FastEthernet0/11 description connected to n-PE3 switchport trunk encapsulation dot1q switchport trunk native vlan 20 switchport trunk allowed vlan 20,200 switchport mode trunk ! interface FastEthernet0/12 description connected to n-PE2 switchport trunk encapsulation dot1q switchport trunk native vlan 20 switchport trunk allowed vlan 20,200 switchport mode trunk
CE Configurations for Customers A and B
Refer to Example 12-10 for configurations of Customer A's and B's CE devices.
MPLS Overview
- MPLS Overview
- Unicast IP Forwarding in Traditional IP Networks
- Overview of MPLS Forwarding
- MPLS Terminology
- MPLS Control and Data Plane Components
- MPLS Operation
- Special Outgoing Label Types
- Penultimate Hop Popping
- Frame-Mode MPLS
- Cell-Mode MPLS
Basic MPLS Configuration
- Basic MPLS Configuration
- Frame-Mode MPLS Configuration and Verification
- Cell-Mode MPLS over ATM Overview, Configuration, and Verification
- Command Reference
Basic MPLS VPN Overview and Configuration
- Basic MPLS VPN Overview and Configuration
- VPN Categories
- MPLS VPN Architecture and Terminology
- MPLS VPN Routing Model
- MPLS VPN Basic Configuration
- Outbound Route Filters
- Command Reference
PE-CE Routing Protocol-Static and RIP
- PE-CE Routing Protocol-Static and RIP
- Static PE-CE Routing Overview, Configuration, and Verification
- Static PE-CE Routing Command Reference
- RIPv2 PE-CE Routing Overview, Configuration, and Verification
- RIPv1 PE-CE Routing Configuration and Verification
- RIP PE-CE Routing Command Reference
PE-CE Routing Protocol-OSPF and EIGRP
- PE-CE Routing Protocol-OSPF and EIGRP
- OSPF PE-CE Routing Protocol Overview, Configuration and Verification
- EIGRP PE-CE Routing Protocol Overview, Configuration, and Verification
Implementing BGP in MPLS VPNs
- Implementing BGP in MPLS VPNs
- BGP PE-CE Routing Protocol Overview, Configuration, and Verification
- Implementing Route-Reflectors in MPLS VPN Networks
- Case Study-Hub and Spoke MPLS VPN Network Using BGP PE-CE Routing for Sites Using Unique AS Numbers
- Case Study-Hub and Spoke MPLS VPN Network with Sites Using Same AS Numbers
- Command Reference
Inter-Provider VPNs
- Inter-Provider VPNs
- Overview of Inter-Provider VPNs
- Option 1: Inter-Provider VPN Using Back-to-Back VRF Method
- Option 2: Inter-Provider VPNs Using ASBR-to-ASBR Approach
- Option 3: Multi-Hop MP-eBGP Between RR and eBGP Between ASBRs
- Option 4: Non-VPN Transit Provider
- Case Study-Inter-AS Implementing Route-Reflector and BGP Confederation in Provider Networks
- Case Study-Multi-Homed Inter-AS Provider Network
- Command Reference
Carrier Supporting Carriers
- Carrier Supporting Carriers
- Carrier Supporting Carriers Overview
- Deployment Scenarios with CSC Architecture
- CSC Architecture Benefits
- Command Reference
MPLS Traffic Engineering
- MPLS Traffic Engineering
- TE Basics
- MPLS TE Theory
- Constraint-Based Routing and Operation in MPLS TE
- Configuring MPLS TE
- Command Reference
Implementing VPNs with Layer 2 Tunneling Protocol Version 3
- Implementing VPNs with Layer 2 Tunneling Protocol Version 3
- L2TPv3 Overview
- Configuring L2TPv3 Tunnels for Layer 2 VPN
- Configuring L2TPv3 Static Tunnels
- Configuring L2TPv3 Dynamic Tunnels
- Implementing Layer 3 VPNs over L2TPv3 Tunnels
- Command Reference
Any Transport over MPLS (AToM)
- Any Transport over MPLS (AToM)
- Introduction to Layer 2 VPNs
- Implementing AToM for Like to Like Circuits
- L2 VPN-Any to Any Interworking
- Local Switching
- Command Reference
Virtual Private LAN Service (VPLS)
- Virtual Private LAN Service (VPLS)
- VPLS Overview
- VPLS Topology-Single PE or Direct Attachment
- Hierarchical VPLS-Distributed PE Architecture
- Command Reference
Implementing Quality of Service in MPLS Networks
- Implementing Quality of Service in MPLS Networks
- Introduction to QoS-Classification and Marking
- MPLS QoS Implementation
- MPLS QoS Operating Modes
- Modular QoS CLI: Configuration of QoS on Cisco Routers
- Configuration and Implementation of MPLS QoS in Uniform Mode and Short Pipe Mode Operation
- Implementing MPLS QoS for Layer 2 VPN Implementations
- Command Reference
MPLS Features and Case Studies
- MPLS Features and Case Studies
- Case Study 1: Implementing Multicast Support for MPLS VPNs
- Case Study 2: Implementing Multi-VRF CE, VRF Selection Using Source IP Address, VRF Selection Using Policy-Based Routing, NAT and HSRP Support in MPLS VPN, and Multicast VPN Support over Multi-VRF CE
- Case Study 3: Implementing Layer 2 VPNs over Inter-AS Topologies Using Layer 2 VPN Pseudo-Wire Switching
- Case Study 4: Implementing Layer 3 VPNs over Layer 2 VPN Topologies and Providing L2 VPN Redundancy
- Case Study 5: Implementing Dynamic Layer 3 VPNs Using mGRE Tunnels
- Case Study 6: Implementing Class-Based Tunnel Selection with MPLS Traffic Engineering
- Case Study 7: Implementing Hub and Spoke Topologies with OSPF
- Case Study 8: Implementing Hub and Spoke Topologies with EIGRP
- Case Study 9: Implementing VPLS Services with the GSR 12000 Series
- Case Study 10: BGP Site of Origin
- Command Reference
EAN: 2147483647
Pages: 130
